Hi [[ session.user.profile.firstName ]]

Cloud Security Alliance: CloudBytes

  • Date
  • Rating
  • Views
  • Managing Top 6 Risks with Cloud Service Providers
    Managing Top 6 Risks with Cloud Service Providers Cliff Turner, Senior Solutions Architect at CloudPassage Recorded: Aug 21 2018 44 mins
    In this webinar, we'll cover the following...

    •Review top six risks with today’s cloud service providers.
    •We will analyze these risks, consider the business impact and show
    you how to proactively manage cloud risk by automating security for
    your cloud management accounts.
    •We will use the AWS CIS foundation benchmarks and the CIS Controls to
    guide our selection of examples for our discussion.
    •With a growing attack surface, it’s important to be aware of the
    risks associated with cloud technology in order to secure and manage
    it properly.
  • A Path to Achieving Network Security ZEN
    A Path to Achieving Network Security ZEN Den Jones, Director – Enterprise Security, Adobe Recorded: Aug 14 2018 57 mins
    Finding a balance between a pleasant user experience and stringent security requirements can be a challenge. The need to use a certain username and password for some services while saving additional credentials for other services can contribute to a headache for both security pros and users. Is it even possible to balance security and enhancement of the overall user experience? Adobe believes this is possible. We want to help you achieve this balance by sharing our framework known as Project “ZEN.”


    Project ZEN at Adobe is an initiative based upon principles found in zero-trust frameworks. Since there is no “off-the-shelf” solution to fully deliver on these principles today, ZEN is an investment in pioneering technology and policies to make the path to a zero-trust network more efficient and attainable.

    In this session you will: (a) learn about the principles behind Adobe ZEN, (b) understand the Adobe experience so you can start your own journey by leveraging existing security technology investments and targeted automation technologies, and (c) explore common issues you might encounter along the journey, with guidance on overcoming those issues.
  • Next Step – Securing IaaS (AWS, Azure, GCP)
    Next Step – Securing IaaS (AWS, Azure, GCP) Brandon Cook of McAfee Recorded: Aug 9 2018 38 mins
    According to Gartner, the IaaS market grew at a blistering 42.8% in 2017 - twice as fast as SaaS. But, despite last year’s AWS data exposures at Verizon, the RNC, and Dow Jones, most cloud security projects focus on SaaS.

    We’ve worked with AWS and hundreds of IaaS security professionals to develop a tried and true practice specifically designed to protect IaaS environments and the applications and data within them. Join this
    session and discover:
    - Common yet preventable scenarios that result in the loss of corporate data from AWS, Azure and GCP
    - IaaS security best practices for: security configuration auditing, S3 data loss prevention
    operations, user and admin behavior monitoring, and threat prevention
    - Step-by-step guidance on how to gain visibility across all workloads, protect against advanced threats, and discover insights into lateral threat movements
    - Recommendations for creating a successful DevOps workflow that integrates security
  • Extending Network Security Visibility into the Cloud
    Extending Network Security Visibility into the Cloud Anner Kushnir, VP of Technology at AlgoSec Recorded: Aug 7 2018 54 mins
    Enterprises are taking advantage of the economies of scale of cloud computing and migrating applications to public and private clouds. The new technology offers many advantages, but also requires taking a step back and evaluating whether existing network security tools and processes are relevant and effective in these new environments. To maintain their security posture, network security professionals need unified visibility and control as deployments spread to and across clouds. This is critical both to ensure that cloud payloads are protected against the growing number of attacks and breaches and also to satisfy regulatory compliance requirements such as PCI, HIPAA and NERC.

    In this webinar, Anner Kushnir, VP of Technology at AlgoSec, will share insights on the latest cloud security technologies and best practices for maintaining full-blown corporate security governance as enterprises deploy their applications in the cloud. Attendees will learn:
    •How to quickly bring enterprise network security best practices to cloud and hybrid deployments
    •How to gain full visibility into cloud network topology and filtering
    •Proactively uncover gaps in the compliance posture
    •How to ensure continuous compliance as part of policy change management
  • Eliminating Security Blind Spots in your AWS Environments
    Eliminating Security Blind Spots in your AWS Environments Edward Smith of CloudPassage Recorded: Jul 31 2018 38 mins
    As consumption of cloud services increases, security teams struggle to maintain visibility of the cloud assets in use across multiple environments throughout the enterprise. In fact, 43% of security pros say lack of visibility into cloud environments are their biggest operational headache. Cloud defenders struggle to answer two simple, but important questions: what do I have, and is it secure? The only way to answer these critical questions is with comprehensive security visibility of your AWS public cloud environments.

    Join us for this webinar to learn how to regain security visibility across all of your AWS accounts and how to:
    - Automatically discover all of your AWS assets in use across accounts, services, and regions
    - Reduce your attack surface by identifying and remediating security issues
    - Find and respond to hidden risks by assessing both the control plane and data plane
  • Reducing Risk in Public Cloud Environments
    Reducing Risk in Public Cloud Environments Greg Mayfield, Director of Product Marketing, Tenable Recorded: Jul 24 2018 50 mins
    As organizations adopt their multi-cloud and hybrid cloud strategies, continuous visibility and protection of these dynamic cloud workloads remains the #1 challenge for security teams. It’s essential to gain live visibility into AWS, Azure and Google Cloud Platform assets in order to continuously assess cloud infrastructure to detect vulnerabilities, malware and misconfigurations.

    This webinar will benefit SecOps teams by highlighting how they can obtain a unified view into cyber risk across their cloud environment to better prioritize response and mitigation. The discussion will highlight processes and tools to eliminate blind spots, secure cloud assets and applications and better integrate with CI/CD processes for fast and efficient remediation.
  • Avoiding the Dreaded DNS Hijack
    Avoiding the Dreaded DNS Hijack Dhivya Chandramouleeswaran of Adobe Recorded: Jul 12 2018 40 mins
    With increasing adoption of cloud services by organizations, there is unfortunately often an absence of decommissioning checks when such services are no longer in use. It is often up to developers and operations teams to properly clean them up. DNS records pointing to deleted cloud artifacts - not yet purged from name servers - create dangling DNS records. When these artifacts have the potential to be reclaimed by nefarious actors, organizations may become vulnerable to domain hijacking and subdomain takeover attacks.

    In this webinar, Dhivya will discuss:
    - How DNS hijacks differ from domain hijacks
    - Alternatives for identification of expired cloud artifacts
    - Attack mechanisms that may be used
    - Possible monitoring schemes and tools organizations can implement
    - Defensive measures to prevent dangling records and subdomain takeovers
  • A GDPR Compliance & Preparation Report Card
    A GDPR Compliance & Preparation Report Card Neil Thacker, CISO, EMEA -- Netskope Recorded: Jun 27 2018 51 mins
    With the General Data Protection Regulation (GDPR) now enforceable, organizations around the world have both interpreted and incorporated new and amended regulatory requirements into their security policies and programs. Join Neil Thacker, CISO, EMEA at Netskope for a discussion of our recent study with the Cloud Security Alliance on how organizations have prepared for meeting the requirements of the GDPR and what has been the initial impact on their businesses.

    Session topics will include:
    · Preparation for the GDPR including budget and personnel
    · Frameworks organizations are using to comply with the GDPR
    · Company demographics, challenging articles and convergence of security, data protection and privacy roles
  • User Behavior Study Screams the Need for Backup
    User Behavior Study Screams the Need for Backup Aimee Simpson of Code42 Recorded: Jun 26 2018 32 mins
    Digital transformation efforts won’t be successful unless IT accounts for the human element: workforce behavior. What’s the relationship between endpoint devices and employee work habits? We dug into the data to find out.

    In a new research study, Code42 examined data storage behavior across more than 1,200 laptops to learn how users get their work done–what files they create, where they store them, and how they share and interact with their data.

    Watch the webinar to learn:
    - The results of the research study on user behavior
    - The user work styles we found consistent across all organizations
    - The types of files users put most at risk of loss, theft or breach
    - Best practices for mitigating the risk of digital transformation efforts
  • A Path to Achieving Network Security ZEN
    A Path to Achieving Network Security ZEN Den Jones, Director – Enterprise Security, Adobe Recorded: Jun 21 2018 47 mins
    Finding a balance between a pleasant user experience and stringent security requirements can be a challenge. The need to use a certain username and password for some services while saving additional credentials for other services can contribute to a headache for both security pros and users. Is it even possible to balance security and enhancement of the overall user experience? Adobe believes this is possible. We want to help you achieve this balance by sharing our framework known as Project “ZEN.”


    Project ZEN at Adobe is an initiative based upon principles found in zero-trust frameworks. Since there is no “off-the-shelf” solution to fully deliver on these principles today, ZEN is an investment in pioneering technology and policies to make the path to a zero-trust network more efficient and attainable.

    In this session you will: (a) learn about the principles behind Adobe ZEN, (b) understand the Adobe experience so you can start your own journey by leveraging existing security technology investments and targeted automation technologies, and (c) explore common issues you might encounter along the journey, with guidance on overcoming those issues.

Embed in website or blog